Issue 220: API flaw in Booking.com, apps leaking sensitive API data, API security testing checklist | allinfosecnews.com

May 25, 2023, 4:10 p.m. | Colin Domoney

API Security News apisecurity.io

This week, we have news of a vulnerability affecting the OAuth2 implementation on the Booking.com website. We have a report from Approov on their research into financial apps in the Google Play store and another great article from Dana Epp on API security checklists. Finally, we cover an interview with Matias Madou on the need [...]

The post Issue 220: API flaw in Booking.com, apps leaking sensitive API data, API security testing checklist appeared first on API Security …

api api security api security testing approov apps article booking booking.com checklist data epp financial financial apps flaw google google play google play store great implementation issue newsletter archive oauth2 play play store report research security security testing store testing vulnerability website

More from apisecurity.io / API Security News

Issue 244: Threats to enterprises in the cloud, looming threats to APIs, API SDK generation … 22 hours ago | apisecurity.io

api apis articles challenges +13

Issue 243: Economics of API attacks, understanding CORS, blocking compromised API tokens 1 week, 2 days ago | apisecurity.io

api api attacks apis articles +20

Issue 242: API governance to avoid tech sprawl, API security in digital transformation, AI for … 4 weeks, 1 day ago | apisecurity.io

age api api governance apis +16

Issue 241: Two critical flaws in FortiSIEM product, making public APIs private, API security strategy 1 month, 1 week ago | apisecurity.io

api apis api security api security strategy +22

Issue 240: Spoutible API leakage, 15M Trello profiles scraped, API secret tokens leaked 1 month, 3 weeks ago | apisecurity.io

api api security atlassian big +19

Issue 239: Hugging Face API token breach, SonicWall firewalls exploit, Kubernetes API gateway guide 2 months, 1 week ago | apisecurity.io

api api gateway api security api security checklist +20

Issue 238: APIs used to target business, cloud-native for APIs, and APIs becoming attractive targets 2 months, 3 weeks ago | apisecurity.io

apis articles business businesses +10

Issue 237: Six API trends for 2024, API keys leading to vulnerabilities, the future of … 3 months, 1 week ago | apisecurity.io

api api discovery api keys discovery +8

Issue 236: Using a developer portal, dark data in APIs, an update on Ray AI … 3 months, 4 weeks ago | apisecurity.io

academy api apis article +19

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Information Systems Security Officer (ISSO), Junior

@ Dark Wolf Solutions | Remote / Dark Wolf Locations

View on infosec-jobs.com

Cloud Security Engineer

@ ManTech | REMT - Remote Worker Location

View on infosec-jobs.com

SAP Security & GRC Consultant

@ NTT DATA | HYDERABAD, TG, IN

View on infosec-jobs.com

Security Engineer 2 - Adversary Simulation Operations

@ Datadog | New York City, USA

View on infosec-jobs.com